Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

I am getting sec_error_extension_value_invalid - how do I fix this?

  • 3 件の返信
  • 44 人がこの問題に困っています
  • 1 回表示
  • 最後の返信者: cor-el

more options

Hi I recently installed an IBM IPS device which allows you to inspect SSL traffic. The way it does this is a sort of man in the middle and this means you need to download a certificate from the device and import it into your browsers. The process is detailed here for various browsers: http://www-01.ibm.com/support/docview.wss?uid=swg27039297.

Now this works for IE and Chrome and up until a recent update Firefox. I now get the error sec_error_extension_value_invalid.

Any idea on how to resolve this?

Hi I recently installed an IBM IPS device which allows you to inspect SSL traffic. The way it does this is a sort of man in the middle and this means you need to download a certificate from the device and import it into your browsers. The process is detailed here for various browsers: http://www-01.ibm.com/support/docview.wss?uid=swg27039297. Now this works for IE and Chrome and up until a recent update Firefox. I now get the error sec_error_extension_value_invalid. Any idea on how to resolve this?

選ばれた解決策

Very helpful. It looks as though the CA issued by the device (XGS 4100) doesn't conform. Remediation is to lower the version of Firefox back to 28.0 which is the last version listed in the support matrix.

この回答をすべて読む 👍 1

すべての返信 (3)

more options
more options

選ばれた解決策

Very helpful. It looks as though the CA issued by the device (XGS 4100) doesn't conform. Remediation is to lower the version of Firefox back to 28.0 which is the last version listed in the support matrix.

more options

It is possible to disable this new feature by disabling libPKIX support, but of course this is not recommended for security and vulnerability reasons.

  • about:config page: security.use_mozillapkix_verification = false